The Email Ransom Scam

You receive an email with your password in the title.

The email starts ‘Let’s get straight to the point. I know **** is your pass word. Most importantly, I’m aware about your secret and I have evidence of this. You do not know me and no one paid me to examine you. ‘
The password quoted in the title may be your current password, or it may be an old password you previously used, or it may be incorrect.

If it’s genuine then change the password on your account immediately, then change the password for any other account that uses the same login and password.

How did the scammer get my password?

The most likely answer in the case of these messages is that the scammer bought a list of email addresses and passwords from a hacker. These will have come from a data breach that happened probably years ago.

There is a website that maintains lists of all email addresses affected by data breaches. It is at https://haveibeenpwned.com/ and can be used safely. If your email address shows up as having been in a data breach then you know the likely source of email data used to send you the message.

The Threat

The scammer wants money – $2,900 in Bitcoin otherwise will publish to everyone on your email contacts, Facebook contacts etc. a video of you downloading porn, recorded on your PC.

THE THREAT IS FAKE, except for the email password specified in the email title, but the blackmail is based on making people frightened so some pay up without thinking it through.

What Can You Do?

Change your email password

Change the password for any accounts using the same password

Report the blackmail attempt to the Police and/or Action Fraud

Report the crime to your email provider

Report the crime to the email provider of the criminal e.g. if the message arrives from a Yahoo account then report the problem to Yahoo